3 Replies Latest reply on Oct 19, 2012 6:44 AM by asabban

    Exception occured with code 111 and message errno: 111 Connection Refused




      Since the last 2 days we received the following message:


      An exception occured with code 111 and message errno: 111 -"Connection refused" (Origin: Updater)

      An exception occured with code 110 and message errno: 110 -"Connection refused" (Origin: Updater)


      This happens arround midnight.


      Any idea?


      [McAfee WebGateway Version (12742)]




        • 1. Re: Exception occured with code 111 and message errno: 111 Connection Refused

          Hi Ray,


          it seems that MWG is not able to talk to our update server. The error code indicates that MWG was not able to create a network connection to our update server, e.g. MWG asked the operating system to create a TCP connection and the system was not able to do so.


          I have checked our monitoring and yesterday we had two short notifications about high load on one update server, which may already be a reason for the error messages. Generally the update servers are setup in a redundant way, so if MWG was not able to talk to one update server it will pick another one by a round robin mechanism with the next update, which is usually every 15/30 minutes.


          I checked again and the server had a maintenance ongoing last night. Therefore it was not available for a short period of time.


          Unfortunately MWG puts the ugly looking error messages into the Dashboard, but actually nothing bad happened :-)





          Nachricht geändert durch asabban on 19.10.12 09:40:58 MESZ
          • 2. Re: Exception occured with code 111 and message errno: 111 Connection Refused

            Hi Andre,


            Thanks for your answer.





            • 3. Re: Exception occured with code 111 and message errno: 111 Connection Refused

              You´re welcome Ray :-)


              Maybe some background information about how we designed the update structure. When the update is triggered to our update server infrastructure we return a list of update servers which are close to your location. MWG will keep this list of update servers and uses a different entry from this list when trying to download the required files.


              From time to time servers from the update server infrstructure are unavailable, there may be network or routing problems or we have to perform regular maintenance. When this happens and MWG picks exactly the server that is offline fo ask for the updates, this will - of course - fail. If this happens, a red warning is pushed to the Dashboard.


              Generally we assume this is pretty normal. MWG comes with an update interval of 30 minutes, so even if MWG tried to update against a non-responsive update server you will get the updates 30 minutes later, when the next update is performed.


              So the red warning in the Dashboard is a little misleading, because actually this does in no way mean that you do not have the latest protections or categories. Even if there were no updates available MWG would claim that it was unable to connect to one of the servers in the list - which is actually by design.


              There would certainly be other approaches such as having a virtual IP address which is pointing to multiple servers to fail-over if one server goes down, but we have decided to distribute our update servers around the globe into various datacenters for redundancy. A loadbalancer between different datacenters would be hard to get and maintain, additionaly this would introduce a single point of failure, which we currently do not have, unless multiple servers die. Otherwise MWG will always be able to pick up a list of servers, and walk though the list of servers when updating, which ensures that you can obtain updates.


              The worst thing that can happen is that an update is delayed by 30 minutes, which actually can also happen when we MWG looks for an update and we push an update 1 minute later. So the red warnings are a little inconvenient (and I am trying to raise awareness and have improvements here), but so far our experience with the update server infrastructure as it works right now is pretty good. Once we find the definive, best, bulletproof, maintainable and payable solution, we will certainly implement it :-)


              Just on top, currently our update servers are available with an average of 99.984%, which is pretty good. This does not include the CDN, which is causing some other issues from time to time... also working on that.